A MAJOR new hacking attack underscores that governments and companies are losing the war against cyber thieves, but it's unclear if the disclosure will prompt quicker global action against online break-ins. A US report that intruders breached the computer networks of 72 organizations around the world over a five-year period in the biggest hacking campaign found to date will be seized on by Western states to call for tougher digital defenses. “This is the biggest transfer of wealth in terms of intellectual property in human history,” said Dmitri Alperovitch, vice president of Threat Research at US security company McAfee, which produced the report. McAfee said it believed there was one “state actor” behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China. There was no comment from China on the report. Evidence of official Western concern about the raids surfaced on Wednesday when Britain's electronic spy agency issued a rare public comment, saying the report illustrated the importance of better cyber security for trade and social development. There was a need for the widest possible international “shared understanding” of acceptable online behavior, the Government Communications Headquarters told Reuters. At the White House, spokesman Jay Carney said US President Barack Obama was working to tighten the defenses of both the government and private sector. Echoing that view, the British-based International Cyber Security Protection Alliance, which helps law enforcement agencies tackle online intruders, said the report showed cyber warfare had escalated to a degree that was irrefutable. “Businesses that have mainstream exposure to the Internet and that are dependent upon technology for their survival must now surely take the threat seriously,” alliance chief executive John Lyons told Reuters. He said companies should now be “much less arrogant in their approach to ensure that their intellectual property and customer data is securely protected”. Whether they will be any more vigilant is another question. Despite growing alarm in Western governments, a host of obstacles stands in the way of a safer online world, not least the reluctance of stigma-conscious companies to report attacks. That reluctance is eroding, following publicised strikes on Western and multilateral institutions in 2011, but not quickly enough for the liking of many security experts. Mohan Koo, chief executive at security firm Dtex, said the report would encourage more companies to speak out and pool experiences to combat what he calls the hacking epidemic. “However, I suspect most will want to remain anonymous due to the heightened fear of reputational implications,” he said. “More detail around what was stolen and how would certainly help illustrate the scenarios and would provide more chance of others coming and saying, ‘Hey, that happened to me too!'.” Graham Cluley, senior technology consultant at Sophos, told Reuters the McAfee report was another important reminder for all firms and governments to take computer security seriously.But he agreed that more information would help focus minds. “At the moment, it's unclear whether it was Rose on Reception or Dave the CEO who had his computer attacked.” Then there is cynicism among businesses about publicized cyber disasters. These are sometimes seen as marketing by an industry competing hard for business from clients strapped for cash.
